Trezor Backup & Recovery: Protecting Your Seed Phrase

Your Trezor hardware wallet’s recovery seed phrase is the single most important piece of information in your entire cryptocurrency security setup. This sequence of words is the master key that can reconstruct all of your private keys, accounts, and balances on any compatible hardware wallet. If your Trezor device is lost, stolen, damaged, or malfunctions, your recovery seed is the only way to regain access to your funds. Conversely, if someone else obtains your recovery seed, they can steal every asset associated with it. This guide covers everything you need to know about protecting your seed phrase, including Trezor’s advanced Shamir Backup system and step-by-step recovery procedures.

Understanding Your Recovery Seed

When you initialize a new Trezor wallet, the device generates a random recovery seed phrase consisting of either 12 or 20 words (for standard backup) or multiple sets of 20-word shares (for Shamir Backup). These words are drawn from a standardized list of 2,048 English words defined by the BIP-39 (standard) or SLIP-39 (Shamir) specifications. The mathematical relationship between these words encodes the cryptographic master key from which all your individual cryptocurrency private keys are derived. The security of this system relies on the enormous number of possible word combinations, making it practically impossible for anyone to guess your specific sequence.

Your Trezor device generates this seed using a hardware-based true random number generator, ensuring that the randomness is derived from physical processes rather than potentially predictable software algorithms. This is one of the key advantages of hardware wallets over software wallets, which must rely on the operating system’s random number generator, which could potentially be compromised by malware.

Standard Backup vs. Shamir Backup

Trezor offers two distinct backup methods, each with its own advantages and trade-offs. Understanding the differences is essential for choosing the right approach for your security needs.

Standard Backup (BIP-39) generates a single 12 or 20-word recovery phrase. This is the traditional approach used by virtually all cryptocurrency wallets. Its primary advantage is simplicity: you have one set of words to record and protect. The downside is that this single phrase represents a critical single point of failure. If someone finds it, your funds are immediately at risk. If you lose it, your funds are permanently inaccessible should your device also fail.

Shamir Backup (SLIP-39) is a Trezor-exclusive feature available on Safe 5 and Safe 7 models. Instead of generating a single seed phrase, Shamir Backup uses Shamir’s Secret Sharing algorithm to split your master secret into multiple independent shares. You configure two parameters: the total number of shares to generate (for example, 5) and the threshold required for recovery (for example, 3). Each share is a separate 20-word sequence that is meaningless on its own. Only when the threshold number of shares are combined can the original wallet be reconstructed. This eliminates the single point of failure while providing redundancy against loss.

Best Practices for Seed Storage

Regardless of which backup method you choose, the physical security of your written seed words is paramount. Here are proven strategies for protecting your recovery seed:

Use metal backup solutions. Paper is vulnerable to fire, water damage, and degradation over time. Metal backup plates or capsules made from stainless steel or titanium can withstand temperatures above 1,500 degrees Celsius and are impervious to water damage. Products like Cryptosteel, Billfodl, and SeedPlate allow you to stamp or slide individual letters into a durable metal format that will survive virtually any disaster. This is considered the gold standard for seed phrase storage.

Distribute storage locations. Never keep all copies of your seed phrase (or all Shamir shares) in one physical location. If using standard backup, consider creating two identical metal backups and storing them in separate secure locations such as a home safe and a bank safety deposit box. With Shamir Backup, distribute individual shares across different locations so that theft or destruction at any single location cannot compromise your funds or prevent recovery.

Never store digitally. Do not photograph your seed phrase, type it into a notes application, email it to yourself, store it in cloud storage, or enter it into any website or application other than your Trezor device during recovery. Digital storage creates attack vectors for hackers, malware, and data breaches that do not exist with purely physical storage methods.

Control access carefully. Only individuals who you trust with your entire cryptocurrency holdings should know the location of your seed backup. Consider the implications for inheritance planning: if something happens to you, will your beneficiaries be able to locate and use your recovery seed? Some users leave sealed instructions with estate attorneys or in safety deposit boxes for this purpose.

Setting Up Shamir Backup

If you are using a Trezor Safe 5 or Safe 7, we strongly recommend Shamir Backup for holdings above a few thousand dollars. During the initial wallet setup, select “Shamir Backup” when prompted for your backup method. You will then choose the number of shares to generate and the recovery threshold. A 3-of-5 configuration is a popular choice: five shares are created, and any three are sufficient to recover the wallet. This means you can lose or have up to two shares compromised without losing access to your funds.

Your Trezor will display each share’s 20 words sequentially on the device screen. Write each share on a separate recovery card, clearly labeled with the share number (Share 1 of 5, Share 2 of 5, etc.). After all shares are recorded, the device will verify several words from each share to confirm accuracy. Once verified, distribute your shares to their designated secure storage locations.

Example distribution for a 3-of-5 setup: Share 1 in your home safe, Share 2 in a bank safety deposit box, Share 3 with a trusted family member, Share 4 in a second geographic location (such as a relative’s home in another city), and Share 5 stored at your workplace in a locked drawer or personal safe. This configuration ensures that theft at any single location, or even two locations, cannot compromise your wallet, while natural disasters affecting one area leave you with sufficient shares for recovery.

Recovering Your Wallet

If you need to recover your Trezor wallet due to device loss, damage, or upgrade, the process is straightforward. Obtain a new Trezor device (or reset an existing one), connect it to Trezor Suite, and select “Recover Wallet” during the setup process. For standard backup, enter your 12 or 20-word recovery phrase directly on the Trezor’s screen. The device uses a word-by-word entry system where you type the first few letters of each word and select from a filtered list, minimizing the risk of your complete seed being visible on a computer screen.

For Shamir Backup recovery, the process requires entering the threshold number of shares (for example, 3 shares for a 3-of-5 configuration). You enter each share sequentially on the device, and after the threshold is met, the device reconstructs your master secret and regenerates all your accounts and balances. It does not matter which specific shares you use, as long as the total meets the configured threshold.

What to Do If Your Seed Is Compromised

If you suspect that your recovery seed phrase has been viewed, photographed, or otherwise compromised by an unauthorized person, you must act immediately. Transfer all cryptocurrency from accounts associated with the compromised seed to a new wallet generated with a fresh, uncompromised seed. Do not delay this step. Then securely destroy all copies of the compromised seed and replace them with backups of your new seed. Time is critical in this scenario, as anyone with your seed phrase can access your funds from any location at any time.

The passphrase feature provides an additional layer of protection in this scenario. If you were using a passphrase, an attacker who obtains only your recovery seed without the passphrase will see an empty wallet (or a decoy wallet if you maintained one). However, you should still treat a compromised seed as a serious security incident and migrate to a new seed as soon as possible. Read our passphrase guide on the blog for detailed instructions on setting up this additional security layer.